package com.xiaostudy.config;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.SessionException;
import org.apache.shiro.session.mgt.SessionContext;
import org.apache.shiro.session.mgt.SessionKey;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.SubjectContext;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.Collection;
import java.util.HashMap;
import java.util.List;

@Configuration
public class shiroConfig {
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("manager") DefaultWebSecurityManager manager){
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
        //添加安全组控制
        bean.setSecurityManager(manager);

        HashMap<String, String> map = new HashMap<>();
        //设置过滤器链的规则,admin下的所有页面都必须有vip权限才能够进行访问
        map.put("/admin/*","perms[normal]");
        map.put("/*","authc");      //所有的请求都必须要经过认证
        bean.setFilterChainDefinitionMap(map);
        //越权访问
        bean.setUnauthorizedUrl("/noauth");

        bean.setLoginUrl("/user/login");
        bean.setFilterChainDefinitionMap(map);


        return bean;
    }


    @Bean(name = "manager")   //设置安全管理器
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(userRealm);
        return manager;
    }


    @Bean(name = "userRealm")
    public UserRealm getUserRealm(){
        return new UserRealm();
    }




}
